Skip to main content

DNS Error Occurred , DKIM,SPF

dxb04
I was trying to enable DKIM and add a DNS record for a domain ,, At the page " Enable DKIM/SPF Globally " I click proceed to enable the feature, and wait for a long time, but nothing happen I check at " Email Deliverability" page and i found there a DNS Error ( Screenshot attached ) In general, how to enable DKIM and why i got this error ?

Comments

30 comments

Date Votes
  • JIKOmetrix
    It looks like it was not able to update DNS. Do any of the DNS zones show DKIM entry? Is DNS running on the server?
    0
  • dxb04
    It looks like it was not able to update DNS. Do any of the DNS zones show DKIM entry? Is DNS running on the server?

    I add a DKIM entry to one of the domains as i want to use an external email service provider .. I think it is running .. the websites running too .. is there any command that may help to check the status of DNS ?
    0
  • JIKOmetrix
    at terminal use something like systemctl status named
    0
  • dxb04
    at terminal use something like systemctl status named

    This is the result [root@server ~]# systemctl status named " named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled) Drop-In: /etc/systemd/system/named.service.d ""cpanel.conf Active: inactive (dead)
    0
  • JIKOmetrix
    Like it says, it is dead Try this now. systemctl restart named systemctl status named
    0
  • JIKOmetrix
    Sorry just noticed that your DNS is disabled? Is this your server or reseller account?
    0
  • dxb04
    Sorry just noticed that your DNS is disabled? Is this your server or reseller account?

    It is my server
    0
  • dxb04
    Like it says, it is dead Try this now. systemctl restart named systemctl status named

    This was the result of the last command "systemctl status named" " named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled) Drop-In: /etc/systemd/system/named.service.d ""cpanel.conf Active: active (running) since Tue 2023-03-07 01:43:26 +04; 9s ago Process: 18225 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS) Process: 18220 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS) Main PID: 18226 (named) CGroup: /system.slice/named.service ""18226 /usr/sbin/named -u named -c /etc/named.conf Mar 07 01:43:25 web.com named[18226]: automatic empty zone: view internal: EMPTY.AS112.ARPA Mar 07 01:43:25 web.com named[18226]: automatic empty zone: view internal: HOME.ARPA Mar 07 01:43:25 web.com named[18226]: none:104: 'max-cache-size 90%' - setting to 57644MB (out of 64048MB) Mar 07 01:43:25 web.com named[18226]: set up managed keys zone for view external, file 'external.mkeys' Mar 07 01:43:25 web.com named[18226]: none:104: 'max-cache-size 90%' - setting to 57644MB (out of 64048MB) Mar 07 01:43:25 web.com named[18226]: configuring command channel from '/etc/rndc.key' Mar 07 01:43:25 web.com named[18226]: command channel listening on 127.0.0.1#953 Mar 07 01:43:25 web.com named[18226]: configuring command channel from '/etc/rndc.key' Mar 07 01:43:25 web.com named[18226]: command channel listening on ::1#953 Mar 07 01:43:26 web.com systemd[1]: Started Berkeley Internet Name Domain (DNS).
    0
  • JIKOmetrix
    Then you need to go into WHM and enable a DNS service in the service configuration -> Nameserver Selection section.
    0
  • dxb04
    Then you need to go into WHM and enable a DNS service in the service configuration -> Nameserver Selection section.

    Is it possible through ssh ?!
    0
  • JIKOmetrix
    Then you were able to restart the server? I see it is now running 9s. retry try the DKIM setup.
    0
  • dxb04
    Is it possible through ssh ?!

    The result of "systemctl status named" Shows every thing is running ? Or you mean i have to restart the server ?!
    0
  • JIKOmetrix
    No sorry, retry try the DKIM setup now.
    0
  • dxb04
    No sorry, retry try the DKIM setup now.

    Through WHM ? Or there is a way to do it through SSH ? If yes, may i know it ?
    0
  • cPRex Jurassic Moderator
    The output of "dead" is normal from the systemctl command mentioned earlier, and is likely not relevant to your DNS issues. This is because modern cPanel servers use PowerDNS so you'll see the PDNS process running as the "named" user on the system if you check ps aux: # ps aux | grep named named 2911610 0.0 0.9 1174812 35740 ? Ssl Feb22 2:21 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no
    You'll want to check the zone file to see if the records were added.
    0
  • JIKOmetrix
    Through WHM ? Or there is a way to do it through SSH ? If yes, may i know it ?

    whm
    0
  • dxb04
    The output of "dead" is normal from the systemctl command mentioned earlier, and is likely not relevant to your DNS issues. This is because modern cPanel servers use PowerDNS so you'll see the PDNS process running as the "named" user on the system if you check ps aux: # ps aux | grep named named 2911610 0.0 0.9 1174812 35740 ? Ssl Feb22 2:21 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no
    You'll want to check the zone file to see if the records were added.

    Like so : ? [root@server ~]# ps aux | grep named named 18499 0.0 0.0 515188 12716 ? Ssl 01:45 0:00 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no root 20329 0.0 0.0 112808 976 pts/0 S+ 02:01 0:00 grep --color=auto named [root@server ~]# named 2911610 0.0 0.9 1174812 35740 ? Ssl Feb22 2:21 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no usage: named [-4|-6] [-c conffile] [-d debuglevel] [-E engine] [-f|-g] [-n number_of_cpus] [-p port] [-s] [-S sockets] [-t chrootdir] [-u username] [-U listeners] [-m {usage|trace|record|size|mctx}] usage: named [-v|-V] named: extra command line arguments
    Or you you meant to change "named" with system user "root" ?!
    0
  • cPRex Jurassic Moderator
    Yes, that output is also normal.
    0
  • dxb04
    Yes, that output is also normal.

    Is there any other steps to do ? Or just to setup DKIM ?
    0
  • cPRex Jurassic Moderator
    I still wouldn't expect there to be errors from the cPanel interface when setting up the records. Do you see them added to the zone if you check the Zone Editor tool?
    0
  • dxb04
    I still wouldn't expect there to be errors from the cPanel interface when setting up the records. Do you see them added to the zone if you check the Zone Editor tool?

    The record were there before when i added them .. and they already there .. that's all ?!
    0
  • dxb04
    Hi , In WHM, i open to : service configuration -> Nameserver Selection section There was no choosen dns, the only one i was able to click on was BIND . Then i try to Enable DKIM/SPF Globally How to check if DKIM is working ?
    0
  • cPRex Jurassic Moderator
    Have you already created custom nameservers and pointed them to your server at the registrar level? If so, and the rest of the DNS is working, there are online tools such as DKIM Check- DomainKeys Identified Mail (DKIM) Record Lookup - MxToolBox that can check the records for you.
    0
  • dxb04
    Have you already created custom nameservers and pointed them to your server at the registrar level? If so, and the rest of the DNS is working, there are online tools such as An error has occurred with your lookup. Please try again. You must include a selector when checking DKIM.
    • Option 1: (domain):(selector) i.e. mxtoolbox.com:email - where mxtoolbox.com is the domain part and email is the selector, separated by a colon
    • Option 2: (selector).(_domainkey).(domain) i.e. email._domainkey.mxtoolbox.com - where email is the selector followed by ._domainkey. and then mxtoolbox.com as the domain.

    i add an email address of the same domain as a selector, is it correct ? or i missing something ?! Moreover, Yesterday i had made some changes at : Home "Email "Email Deliverability DKIM and SPF are valid now ..
    0
  • cPRex Jurassic Moderator
    The resolver configuration is separate from the nameservers. Is the DNS pointed to the cPanel machine for this domain?
    0
  • dxb04
    The resolver configuration is separate from the nameservers. Is the DNS pointed to the cPanel machine for this domain?

    As long as i know, yes Does : Nameserver Record Report, shows this information ? The nameserver and the ip are correct .. Also at : Home /Networking Setup /Resolver Configuration, The ip address is correct .. Is there any other thing need to be checked ?!
    0
  • cPRex Jurassic Moderator
    That's all good then. If you see the DNS record in cPanel, that's all that needs to happen. Another easy way to test is to send an email to Gmail and then view the headers. That will show them checking the SPF and DKIM and if it validates.
    0
  • dxb04
    That's all good then. If you see the DNS record in cPanel, that's all that needs to happen. Another easy way to test is to send an email to Gmail and then view the headers. That will show them checking the SPF and DKIM and if it validates.

    Shows all as PASS :)
    0
  • cPRex Jurassic Moderator
    There you go - if Google is passing it, you can be assured it is setup correctly because they are very strict about all email settings.
    0
  • dxb04
    There you go - if Google is passing it, you can be assured it is setup correctly because they are very strict about all email settings.

    I am so happy that the issues are being solved one by one :-D
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post